Search This Blog

Powered by Blogger.

Blog Archive

Labels

Showing posts with label Computer servers. Show all posts

Ransomware Attack Hits Sandhills Online Machinery Market

 

Sandhills Global, a leading industry publication, has been hit by a ransomware assault, resulting in hosted websites being unavailable and affecting their company operations. 

Sandhills Global is a trade publishing and hosting firm headquartered in the United States that serves the transportation, agriculture, aircraft, heavy machinery, and technology industries. 

The firm offers a variety of printed and online trade magazines that include industry news as well as a marketplace for dealers to sell relevant new and old machinery. 

Sandhills Global's website and all of their hosted publications went offline on October 1, and their phones stopped working. Users are presented with a Cloudflare Origin DNS error page while attempting to access websites hosted on Sandhills' platform, suggesting that Cloudflare is unable to connect to Sandhills' servers. 

Several sources have informed BleepingComputer that the disruptions are the result of a Conti ransomware assault. This attack reportedly happened in the early morning on Thursday, leading the firm to take down all of its IT systems to stop the escalation of the attack.

Over the years, the Conti ransomware group has been involved in a large number of attacks, including high-profile operations targeting JVCKenwood, the City of Tulsa, Ireland's Health Service Executive (HSE), and Advantech. 

When carrying out assaults, the Conti group generally steals files before encrypting devices to use them as extra leverage during extortion operations. They then demand multi-million dollar ransom payments in order to receive a decryptor and not leak stolen data. 

It's unclear how much the Conti seeks from Sandhills, or whether they acquired data during the attack. Sandhills has been contacted by BleepingComputer with questions regarding the assault but didn't receive any response. 

While Sandhills Global has not responded to the email, a customer shared an email with BleepingComputer which confirmed the ransomware assault. 

The email stated, “Sandhills Global is currently responding to a ransomware attack that impacted our operations. Systems and operations have been temporarily shut down to protect data and information, and we have retained cybersecurity experts to assist us with the investigation, which is ongoing. We are working actively and diligently with the assistance of our retained experts to fully restore operations. At this time, we are continuing to investigate whether any of our client's information has been accessed or impacted by this incident. 

At this time, we have not discovered evidence that confirms that customer information has been compromised. Please know that our clients are our number one priority and we are working diligently to restore operations and remediate the attack. At this time, our ability to respond to your messages may be delayed. 

We appreciate your patience and deeply regret any inconvenience this may cause. We will provide updates regarding this matter and the status of our services as soon as possible.”

Computer Servers go down at Clark County

 

An inquiry is ongoing following a malware operation that led all government Clark County computer servers to go down on Thursday, 13 May. Officials from Clark County claim they are still focusing on restoring operations and determining the effects of malware activity. 

Clark County officials declared on Friday 14th May that it was not evident when the malware operation triggered their network to go down completely. 

Clark County is a diverse and creative organization that ensures integrity, respect, and transparency for the highest quality service. 

In this regard, Clark County Commissioner Melanie Flax Wilt has affirmed that the county coordinates upon the inquiry with third-party cybersecurity contractors and local law enforcement personnel. The contractors were not named by Flax Wilt, who stated that she could not get a time frame for many of these servers for being back up and running. 

They said that this does not involve proof of a data violation so far, showing that information provided by the public is secure and not compromised. 

The 911 system of the county stayed in service; Flax Wilt further added that at this time there is no indication that malware intrusion has compromised information in the county. The investigations included illegal activity. County officials also stated that they are examining the malware operation source. 

“We can confirm Clark County’s 9-1-1 system is operational, and public safety is not at risk at this time,” said Michael Cooper, the Clark County Public Information Officer. 

As the servers went down, according to a statement by the Clark county commissioners' board, the Country asks its members to be precautionary when opening emails from within the company. 

“If you receive a suspicious email from Clark County with a. ZIP attachment, please do not open it. We’re asking partners to simply delete the email,” the release stated. 

The county server components are steadily returning online. Nevertheless, the review is still pending, according to county officials. Country representatives said that although the investigation progresses, they will provide further provide updates related to the investigation. 

“We are fully committed to the security of the data and systems in our care, and we will continue to monitor the evolving situation with the county and continue to be vigilant for attempted intrusions on our network,” the statement said.